X-Git-Url: https://code.delx.au/gnu-emacs/blobdiff_plain/d2fc7e3d0f6f57f962cbd94df3bf4fd15a37bb68..38182d901d030c7d65f4aa7a49b583afb30eb9b7:/src/filelock.c
diff --git a/src/filelock.c b/src/filelock.c
index 13b27c72f1..252ee3cfb1 100644
--- a/src/filelock.c
+++ b/src/filelock.c
@@ -1,5 +1,5 @@
/* Lock files for editing.
- Copyright (C) 1985-1987, 1993-1994, 1996, 1998-2011
+ Copyright (C) 1985-1987, 1993-1994, 1996, 1998-2012
Free Software Foundation, Inc.
This file is part of GNU Emacs.
@@ -40,8 +40,8 @@ along with GNU Emacs. If not, see . */
#include
#include "lisp.h"
-#include "buffer.h"
#include "character.h"
+#include "buffer.h"
#include "coding.h"
#include "systime.h"
@@ -168,7 +168,7 @@ get_boot_time (void)
/* If we did not find a boot time in wtmp, look at wtmp, and so on. */
for (counter = 0; counter < 20 && ! boot_time; counter++)
{
- char cmd_string[100];
+ char cmd_string[sizeof WTMP_FILE ".19.gz"];
Lisp_Object tempname, filename;
int delete_flag = 0;
@@ -191,19 +191,16 @@ get_boot_time (void)
character long prefix, and call make_temp_file with
second arg non-zero, so that it will add not more
than 6 characters to the prefix. */
- tempname = Fexpand_file_name (build_string ("wt"),
+ filename = Fexpand_file_name (build_string ("wt"),
Vtemporary_file_directory);
- tempname = make_temp_name (tempname, 1);
- args[0] = Vshell_file_name;
+ filename = make_temp_name (filename, 1);
+ args[0] = build_string ("gzip");
args[1] = Qnil;
- args[2] = Qnil;
+ args[2] = list2 (QCfile, filename);
args[3] = Qnil;
- args[4] = build_string ("-c");
- sprintf (cmd_string, "gunzip < %s.%d.gz > %s",
- WTMP_FILE, counter, SDATA (tempname));
- args[5] = build_string (cmd_string);
+ args[4] = build_string ("-cd");
+ args[5] = tempname;
Fcall_process (6, args);
- filename = tempname;
delete_flag = 1;
}
}
@@ -284,14 +281,10 @@ typedef struct
{
char *user;
char *host;
- unsigned long pid;
+ pid_t pid;
time_t boot_time;
} lock_info_type;
-/* When we read the info back, we might need this much more,
- enough for decimal representation plus null. */
-#define LOCK_PID_MAX (4 * sizeof (unsigned long))
-
/* Free the two dynamically-allocated pieces in PTR. */
#define FREE_LOCK_INFO(i) do { xfree ((i).user); xfree ((i).host); } while (0)
@@ -301,7 +294,7 @@ typedef struct
trailing period plus one for the digit after it plus one for the
null. */
#define MAKE_LOCK_NAME(lock, file) \
- (lock = (char *) alloca (SBYTES (file) + 2 + 1 + 1 + 1), \
+ (lock = alloca (SBYTES (file) + 2 + 1 + 1 + 1), \
fill_in_lock_file_name (lock, (file)))
static void
@@ -344,10 +337,13 @@ static int
lock_file_1 (char *lfname, int force)
{
register int err;
- time_t boot;
+ printmax_t boot, pid;
const char *user_name;
const char *host_name;
char *lock_info_str;
+ ptrdiff_t lock_info_size;
+ int symlink_errno;
+ USE_SAFE_ALLOCA;
/* Call this first because it can GC. */
boot = get_boot_time ();
@@ -360,15 +356,14 @@ lock_file_1 (char *lfname, int force)
host_name = SSDATA (Fsystem_name ());
else
host_name = "";
- lock_info_str = (char *)alloca (strlen (user_name) + strlen (host_name)
- + LOCK_PID_MAX + 30);
+ lock_info_size = (strlen (user_name) + strlen (host_name)
+ + 2 * INT_STRLEN_BOUND (printmax_t)
+ + sizeof "@.:");
+ SAFE_ALLOCA (lock_info_str, char *, lock_info_size);
+ pid = getpid ();
- if (boot)
- sprintf (lock_info_str, "%s@%s.%lu:%lu", user_name, host_name,
- (unsigned long) getpid (), (unsigned long) boot);
- else
- sprintf (lock_info_str, "%s@%s.%lu", user_name, host_name,
- (unsigned long) getpid ());
+ esprintf (lock_info_str, boot ? "%s@%s.%"pMd":%"pMd : "%s@%s.%"pMd,
+ user_name, host_name, pid, boot);
err = symlink (lock_info_str, lfname);
if (errno == EEXIST && force)
@@ -377,6 +372,9 @@ lock_file_1 (char *lfname, int force)
err = symlink (lock_info_str, lfname);
}
+ symlink_errno = errno;
+ SAFE_FREE ();
+ errno = symlink_errno;
return err == 0;
}
@@ -397,8 +395,9 @@ static int
current_lock_owner (lock_info_type *owner, char *lfname)
{
int ret;
- size_t len;
- int local_owner = 0;
+ ptrdiff_t len;
+ lock_info_type local_owner;
+ intmax_t n;
char *at, *dot, *colon;
char readlink_buf[READLINK_BUFSIZE];
char *lfinfo = emacs_readlink (lfname, readlink_buf);
@@ -408,12 +407,9 @@ current_lock_owner (lock_info_type *owner, char *lfname)
return errno == ENOENT ? 0 : -1;
/* Even if the caller doesn't want the owner info, we still have to
- read it to determine return value, so allocate it. */
+ read it to determine return value. */
if (!owner)
- {
- owner = (lock_info_type *) alloca (sizeof (lock_info_type));
- local_owner = 1;
- }
+ owner = &local_owner;
/* Parse USER@HOST.PID:BOOT_TIME. If can't parse, return -1. */
/* The USER is everything before the last @. */
@@ -426,25 +422,35 @@ current_lock_owner (lock_info_type *owner, char *lfname)
return -1;
}
len = at - lfinfo;
- owner->user = (char *) xmalloc (len + 1);
- strncpy (owner->user, lfinfo, len);
+ owner->user = xmalloc (len + 1);
+ memcpy (owner->user, lfinfo, len);
owner->user[len] = 0;
/* The PID is everything from the last `.' to the `:'. */
- owner->pid = atoi (dot + 1);
- colon = dot;
- while (*colon && *colon != ':')
- colon++;
+ errno = 0;
+ n = strtoimax (dot + 1, NULL, 10);
+ owner->pid =
+ ((0 <= n && n <= TYPE_MAXIMUM (pid_t)
+ && (TYPE_MAXIMUM (pid_t) < INTMAX_MAX || errno != ERANGE))
+ ? n : 0);
+
+ colon = strchr (dot + 1, ':');
/* After the `:', if there is one, comes the boot time. */
- if (*colon == ':')
- owner->boot_time = atoi (colon + 1);
- else
- owner->boot_time = 0;
+ n = 0;
+ if (colon)
+ {
+ errno = 0;
+ n = strtoimax (colon + 1, NULL, 10);
+ }
+ owner->boot_time =
+ ((0 <= n && n <= TYPE_MAXIMUM (time_t)
+ && (TYPE_MAXIMUM (time_t) < INTMAX_MAX || errno != ERANGE))
+ ? n : 0);
/* The host is everything in between. */
len = dot - at - 1;
- owner->host = (char *) xmalloc (len + 1);
- strncpy (owner->host, at + 1, len);
+ owner->host = xmalloc (len + 1);
+ memcpy (owner->host, at + 1, len);
owner->host[len] = 0;
/* We're done looking at the link info. */
@@ -476,7 +482,7 @@ current_lock_owner (lock_info_type *owner, char *lfname)
}
/* Avoid garbage. */
- if (local_owner || ret <= 0)
+ if (owner == &local_owner || ret <= 0)
{
FREE_LOCK_INFO (*owner);
}
@@ -538,8 +544,15 @@ lock_file (Lisp_Object fn)
{
register Lisp_Object attack, orig_fn, encoded_fn;
register char *lfname, *locker;
+ ptrdiff_t locker_size;
lock_info_type lock_info;
+ printmax_t pid;
struct gcpro gcpro1;
+ USE_SAFE_ALLOCA;
+
+ /* Don't do locking if the user has opted out. */
+ if (! create_lockfiles)
+ return;
/* Don't do locking while dumping Emacs.
Uncompressing wtmp files uses call-process, which does not work
@@ -576,13 +589,17 @@ lock_file (Lisp_Object fn)
return;
/* Else consider breaking the lock */
- locker = (char *) alloca (strlen (lock_info.user) + strlen (lock_info.host)
- + LOCK_PID_MAX + 9);
- sprintf (locker, "%s@%s (pid %lu)", lock_info.user, lock_info.host,
- lock_info.pid);
+ locker_size = (strlen (lock_info.user) + strlen (lock_info.host)
+ + INT_STRLEN_BOUND (printmax_t)
+ + sizeof "@ (pid )");
+ SAFE_ALLOCA (locker, char *, locker_size);
+ pid = lock_info.pid;
+ esprintf (locker, "%s@%s (pid %"pMd")",
+ lock_info.user, lock_info.host, pid);
FREE_LOCK_INFO (lock_info);
attack = call2 (intern ("ask-user-about-lock"), fn, build_string (locker));
+ SAFE_FREE ();
if (!NILP (attack))
/* User says take the lock */
{
@@ -617,7 +634,7 @@ unlock_all_files (void)
b = XBUFFER (XCDR (XCAR (tail)));
if (STRINGP (BVAR (b, file_truename)) && BUF_SAVE_MODIFF (b) < BUF_MODIFF (b))
{
- unlock_file(BVAR (b, file_truename));
+ unlock_file (BVAR (b, file_truename));
}
}
}
@@ -709,6 +726,10 @@ syms_of_filelock (void)
doc: /* The directory for writing temporary files. */);
Vtemporary_file_directory = Qnil;
+ DEFVAR_BOOL ("create-lockfiles", create_lockfiles,
+ doc: /* Non-nil means use lockfiles to avoid editing collisions. */);
+ create_lockfiles = 1;
+
#ifdef CLASH_DETECTION
defsubr (&Sunlock_buffer);
defsubr (&Slock_buffer);